Saturday, October 19, 2013

Antivirus Software: Fighting Blame, Not Hacks


Craig Elliott, chief executive officer of Pertino, a cloud-networking startup, knows that the antivirus software his company uses won’t deter all hacking attacks. That won’t stop him from using it. “It’s a safety blanket,” he says. “It’s CYA [cover your ass] more than anything else.” That’s why the antivirus industry, born in the late 1980s to combat floppy-disk viruses, has staying power, even in this era of sophisticated hacks from China and elsewhere.
Although the word virus generally applies to all manner of computer attacks, data security pros no longer just worry about old-style viruses—programs or pieces of code that replicate and spread from computer to computer, degrading their performance. The new threat: advanced forms of malicious software, or malware, such as online banking password-stealers and military-grade spying software.
Recent incidents like the attack on the New York Times by Chinese hackers, which antivirus software failed to stop, illustrate the challenge facing industry leaders such as Symantec and McAfee. A weakness of antivirus software is that it’s designed to zero in on so-called signatures, or identifiable patterns in code. When an antivirus company finds a piece of malicious software, it adds a signature to its database, which is included in software upgrades sent to users.
The approach was effective until more sophisticated malware arrived on the scene in the early 2000s. Now identifying a piece of attack software after the fact has limited value because the most advanced malware is custom-built for specific attacks—and never used again. Today’s hackers also prefer to infiltrate networks via e-mail and social media, making attacks harder to detect. The Times attack is thought to have begun with infected e-mails sent to employees.
After the Times disclosed that Symantec software failed to identify the malware used in the breach, the Mountain View (Calif.)-based company issued a statement saying that antivirus protection alone is not enough to thwart advanced attacks. Symantec (SYMC) and Santa Clara (Calif.)-based McAfee are upgrading their security software to keep pace with hackers, for example by adding blocking features that crunch traffic data to determine whether an unknown e-mail attachment or website is trustworthy.
“The industry will likely change pretty dramatically,” says Francis deSouza, Symantec’s president of products and services. “We’re seeing more malware than we’ve ever seen before, and we’re seeing more custom malware than we’ve ever seen before. Those trends have profound implications for the antivirus industry.” Michael Fey, chief technology officer for McAfee, which is owned by Intel (INTC), says “one product is not a silver bullet.”
Despite this, companies aren’t likely to dump their antivirus software. Even if they wanted to because of cost or performance concerns, many simply can’t, says Amrit Williams, chief technology officer of Lancope, a company which sells software that scans computer networks for malware. Retailers that accept credit cards, for instance, must comply with the Payment Card Industry (PCI) data-security standard, which mandates antivirus protection. Corporate security chiefs in industries that don’t require antivirus software can choose to buy it—or risk their jobs if they go without it and get attacked, Williams says. Consumer and corporate purchases of software to combat online threats will account for $8 billion of the $66 billion in worldwide spending on computer-security technology this year, according to Gartner (IT).
Another reason demand for antivirus companies’ products is likely to remain high is that there’s still a threat from less sophisticated attacks, says Steven Ashley, an analyst with financial services firm Robert W. Baird in Milwaukee. The New York Times is still a Symantec customer, though it is “exploring other options,” says spokeswoman Eileen Murphy.
“Antivirus is an important element that will always be there,” says Ashley. “Even if someone broke into a guarded office or facility, you won’t take down the fence around it.” At least one company, though, has done just that. Palo Alto Networks (PANW), a maker of network-security equipment, has no official policy on antivirus software, says co-founder Nir Zuk. Its 840 employees are not required to have antivirus software on their machines, and the company uses its own network-security products to defend against attacks. Most infections occur in the first 48 hours after a new piece of malware is released—before antivirus companies can get a fix out to customers, Zuk says, citing his company’s research.
“I think there’s value in AV—most CTOs won’t get rid of it,” he says. “It’s just that I think the cost of it, and the fact it only works on some machines, and the fact that it’s not detecting targeted or new attacks, makes me want to invest my money in other solutions.”

Tuesday, July 23, 2013

Articles Index

Antivirus Software Technology

Threats to information systems are abundant. One nasty virus can cripple your machine, steal your personal information, and infect other devices. Protecting your computer from malware is perhaps the most important aspect of computer ownership. The first step in protecting your system is understanding how antivirus software operates.

iLivid Virus

The iLivid virus presents itself as a tool called "iLivid Free Download Manager." The virus tricks people into thinking that the application will assist with media downloads. Learn more about the dangers of iLivid.

Firefox Redirect Virus

Firefox Redirect Virus causes unwanted results by redirecting your Internet searches. Follow these steps to help you remove the Firefox Redirect Virus.

Fake Antivirus Software

Fake antivirus software will conduct false virus scans on your computer. Learn how to detect these threats.

What is Sirefef Malware?

Learn about the dangers of Sirefef (ZeroAccess) Malware and how to prevent it.

Website Compromises at UNC Chapel Hill

The first step in solving any problem is understanding that you have a problem. This is particularly true when it comes to managing the problems brought on by website compromises and data breaches.

Bugs, Mice, and Antivirus

So what do computer viruses and real life cockroaches have in common? Nothing really, except the lessons you learn from trying to overcome one can also be applied to the other.

JS.Fortnight Worm

The Fortnight worm arrives in the body of an html-rendered email, redirecting Internet Explorer to porn sites.

Klez Help Center

The Klez virus uses a variety of techniques to fool and aggravate users.

BadTrans.B

Tips for removing the BadTrans.B virus and blocking it in email

Common Botnets

A botnet is a collection of compromised (infected) computers under the collective control of remote attackers. The malware on the infected computer is known as a bot, a type of backdoor or remote access trojan (RAT). Here is a collection of the most common botnets.

Stuxnet, Winsta.exe, and Cover-ups

Stuxnet is - without dispute - the most important malware in history. It would be nice if for once the industry (including vendors and journalists) would put their self-interests on hold, would stop trying to save face, and would instead delve into the truth of Stuxnet so at least we have the real facts.

Is Stuxnet Really Targeting Iran?

There has been no shortage of claims that Iran was the intended target of the Stuxnet worm. But the reality is, these claims are completely unfounded. Here are a few of the true facts behind Stuxnet.

2003: Year of the Black Sheep

It seems appropriate that the Chinese dubbed 2003 as the Year of the Black Sheep. Among other things, the sheep is a symbol of untidiness - and from a virus standpoint, the year was indeed a mess.

Conficker: More Conflict than Worm

Barely a week after the 60 Minutes April Fools' Conficker doomsday update failed to materialize, the closely watched Conficker.C did finally manage an update. And in an ironic twist, the worm itself debunks much of the hype surrounding it.

PowerPoint Zero Day Vulnerability In-the-Wild

Microsoft has released Security Advisory 969136 warning of a newly discovered zero day PowerPoint vulnerability. The flaw impacts PowerPoint versions found in Windows versions of Office 2000, 2002, 2003, and Office 2004 for Mac.

60 Minutes, Conficker, and April's Fool

Is the Conficker worm set to detonate some evil payload on April 1st? According to 60 Minutes, it seems so. Here's the non-FUD behind the Conficker worm.

Winthb 'Virus' Tied to Backdoor Trojans

A family of backdoor and autorun trojans is working together to plague users. One symptom that may appear: the drive volume name and icon may be changed. The more insidious aspects of the infection are far more silent and may be overlooked when users attempt manual removal.

A Storm of Scary Email

In recent weeks, a rash of spam has been sent that bears much resemblance to the all-too-familiar tactics of the Storm botnet.

What is JS/Psyme (and How to Get Rid of It)

Many users have experienced repeated warnings of infection by Psyme each time they open their browser. Depending on the antivirus in use, the name given in the warning may be any of the following: Downloader.Psyme (Symantec), Troj/Psyme (Sophos), Trojan.VBS.KillAV (Kaspersky), TrojanDownloader.VBS.Psyme (CA), Trojan.Downloader.JS.Psyme (Kaspersky), VBS/Petch.A (F-Prot), VBS/Psyme (McAfee).

What is the Storm Worm?

The so-called Storm worm is actually not a worm, but rather a family of Trojans that typically include a backdoor, SMTP relay, P2P communications, email harvester, downloader, and often a rootkit.

U.Z.A. O/S Eliminator Worm

The so-called "U.Z.A. O/S Eliminator" worm appears to have originated in Maldives sometime in late July or early August 2007. The worm exploits the autorun feature, enabling it to spread from removable USB/thumb drives to other computers.

Freedom / Outlaw Worm

The Freedom 'virus' is a worm that infects local and USB drives, disables access to Task Manager, Registry Editor and other system utilities, and may try to delete MP3 files found on infected systems. Here's how to clean it.

Ransomware: Trojans Demand Money From Victims

Having your computer infected with a virus or other malicious software is upsetting enough. But over the past year, a new type of attack promises to be even more disconcerting. Dubbed ransomware, this new attack infects the system, encrypts the files, and then demands payment from its victims.

Trojan.MeSpam Makes You the Spammer

Instead of relying on bots to do the dirty work, Trojan.MeSpam makes you the culprit. Once infected, every forum post you make, every webmail you send, and every blog comment you leave will also deposit a link pointing to a nefarious website.

Sunday, February 24, 2013


Kaspersky ONE



Kaspersky ONE Universal Security is the easy, one-licence solution to protect your PCs, Macs, Android smartphones and Android tablets. Based on award-winning Kaspersky Lab technologies, Kaspersky ONE delivers security that’s optimised for each device – to provide real-time protection against dangerous Internet threats. Whichever device you use to bank, shop, surf or chat online, you know Kaspersky technologies are helping to ensure you're safe.







Universal security for multiple devices 
Smart devices are continually exposed to new, sophisticated threats on a daily basis. Kaspersky ONE Universal Security provides convenient protection against malware and cybercrime for your Windows PCs, Macs, Android smartphones and tablets.


Easy, one-licence protection 
With just one licence, you can secure any combination of PCs, Macs, Android smartphones and tablets. For example, a single licence for five devices will enable you to protect your desktop, two laptops and two smartphones – or protect two tablets, two smartphones and a Mac. Kaspersky ONE lets you match your security to your needs.


Award-winning Kaspersky Lab technologies 
Whether you’re looking to protect your PC, Mac, Android smartphone, Android tablet – or various combinations of these devices – you can enjoy peace-of-mind with world-class security that’s easy to use and won’t slow you down.


Real-time reaction to new and emerging threats 
Potential threats are monitored and analysed in real-time and dangerous actions are prevented before they can cause harm. Whatever device you’re using – your PC, Mac, smartphone or tablet – you’ll get immediate scanning of all applications and files that you open, save or download from the web.


Maintain performance – with minimal impact on your devices 
Kaspersky Lab delivers small, frequent database updates to help keep your devices protected from the latest threats – without severely impacting a device’s resources or performance. Working behind-the-scenes, Kaspersky ONE Universal Security doesn’t interfere with other running programs, so you can feel secure while still enjoying great performance.


Anti-Theft protection for smartphones and tablets 
Your mobile device holds so much of your personal information – contacts, emails, texts, pictures and more. What if you lose it or it’s stolen? With our anti-theft protection for mobile devices, you can easily protect your private data and find your missing phone or tablet:

  • Disable it – completely blocking access to your device
  • Wipe it – delete all of your personal data
  • Locate it – using GPS, Wi-Fi, GSM Find and Google Maps
  • Identify unauthorised users of your smartphone – by using the “Mugshot” feature, you can secretly photograph the user
  • Even if your smartphone’s SIM card is replaced, Kaspersky technologies can still help you to block, clean and find your phone
Kaspersky’s new Anti-Theft Web Management portal gives you remote access to your lost or stolen device – so you can easily activate all of the above anti-theft features.

Key Features

Windows PC Protection

You know your PC – and the photos, music, documents and personal information you store on it – all need to be protected. Choose Kaspersky’s award-winning protection and you can bank, shop, surf and socialise online, while you’re protected against the increasingly complex threats that the Internet can throw your way… including threats that have yet to be discovered.
Key Features
  • Protects against all known viruses and Internet threats
  • Detects new, emerging and unknown threats
  • Identifies suspicious websites and phishing websites
  • Delivers greater security for online shopping and banking
  • Helps to protect your privacy and your digital identity
  • Keeps your children safer online
  • Prevents malware from exploiting vulnerabilities in your PC
  • Compatible with Windows 8

Mac Protection

The growing popularity of Macs is making them into a target for malware. Even if your Mac isn’t targeted, you can still pass harmful PC viruses to your family’s, friends’ and colleagues’ PCs.
Key Features
  • Real-time protection against Mac, PC and Linux malware
  • Protection against phishing and malicious websites
  • Advanced Parental Control to keep your children safe online
  • Defeat keyloggers, screen-capture malware and identity thieves
  • Familiar, Mac-style interface

Android Smartphone Protection

Mobile devices are the new hotspot for malware attacks. Because your smartphone faces the same vulnerabilities as your PC, you need to protect it just as carefully. Kaspersky ONE's smartphone protection combines innovative anti-theft defence with advanced Internet threat protection, to help ensure the safety of your Android smartphone. Whether your phone is lost or stolen, or is targeted while you're surfing the Internet, you know Kaspersky is helping to keep your personal data safe.
Key Features
  • Helps to protect against theft and loss – even if the SIM card has been replaced
  • Scans for mobile viruses, spyware and more – in real-time
  • Blocks dangerous and phishing websites
  • Filters unwanted calls & SMS texts
  • Hides private contacts, calls and SMS texts
  • Optimised for minimal impact on battery life

Android Tablet Protection

When you download the latest Android app, how do you know that you’ve not downloaded a virus along with it? Protect yourself with real-time scanning and frequent, over-the-air updates – plus advanced web filtering and anti-theft technologies.
Key Features
  • Real-time antivirus protection
  • Automatic virus-scanning of apps
  • Cutting-edge anti-theft technologies
  • Web filtering to block dangerous links
  • Personal Web Account for remote management
  • Minimal impact on tablet resources and performance
  • Optimised interface

System Requirements

Windows PC Protection

Operating Systems and Hardware Requirements
Operating systems:
  • Microsoft Windows XP Home Edition (Service Pack 2 or higher)
  • Microsoft Windows XP Professional (Service Pack 2 or higher)
  • Microsoft Windows XP Professional 64-Bit Edition (Service Pack 2 or higher)
Hardware requirements for the operating systems above:
  • Processor 800 MHz or higher
  • 512 MB available RAM
Operating systems:
  • Microsoft Windows Vista Home Basic (32/64-Bit)
  • Microsoft Windows Vista Home Premium (32/64-Bit)
  • Microsoft Windows Vista Business (32/64-Bit)
  • Microsoft Windows Vista Enterprise (32/64-Bit)
  • Microsoft Windows Vista Ultimate (32/64-Bit)
  • Microsoft Windows 7 Starter
  • Microsoft Windows 7 Home Basic (32/64-Bit)
  • Microsoft Windows 7 Home Premium (32/64-Bit)
  • Microsoft Windows 7 Professional (32/64-Bit)
  • Microsoft Windows 7 Ultimate (32/64-Bit)
  • Microsoft Windows 8 (32/64-Bit)
Hardware requirements for the operating systems above:
  • Processor 1 GHz or higher
  • 1 GB RAM (32-Bit) or 2 GB RAM (64-Bit)
Required for all installations
  • Approximately 480 MB free space on the hard drive (depending on anti-virus database size)
  • CD/DVD drive for installation of the program from CD ROM
  • Computer mouse
  • Internet connection for product activation
  • Microsoft Internet Explorer 6 or higher
  • Microsoft Windows Installer 2.0